{"title":"A Second Preimage Attack on the XOR Hash Combiner","authors":"Shiwei Chen, Ting Cui, Chenhui Jin, Congjun Wang","doi":"10.1049/2024/1230891","DOIUrl":null,"url":null,"abstract":"<div>\n <p>The exclusive-or (XOR) hash combiner is a classical hash function combiner, which is well known as a good PRF and MAC combiner, and is used in practice in TLS versions 1.0 and 1.1. In this work, we analyze the second preimage resistance of the XOR combiner underlying two different narrow-pipe hash functions with weak ideal compression functions. To control simultaneously the behavior of the two different hash functions, we develop a new structure called multicollision-and-double-diamond. Multicollision-and-double-diamond structure is constructed using the idea of meet-in-the-middle technique, combined with Joux’s multicollision and Chen’s inverse-diamond structure. Then based on the multicollision-and-double-diamond structure, we present a second preimage attack on the XOR hash combiner with the time complexity of about <i>O</i>((2<i>n</i> + 1)2<sup><i>n</i>/2</sup> + (<i>n</i> − <i>l</i>)2<sup><i>n</i>−<i>l</i></sup> + (<i>n</i> − <i>k</i>)2<sup><i>n</i>−<i>k</i></sup> + 2<sup><i>l</i>+1</sup> + 2<sup><i>k</i>+1</sup>) (<i>n</i> is the size of the XOR hash combiner and <i>l</i> and <i>k</i> are respectively the depths of the two inverse-diamond structures), less than the ideal time complexity <i>O</i>(2<sup><i>n</i></sup>), and memory of about <i>O</i>(2<sup><i>k</i></sup> + 2<sup><i>l</i></sup>).</p>\n </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3000,"publicationDate":"2024-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/1230891","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Information Security","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/2024/1230891","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
The exclusive-or (XOR) hash combiner is a classical hash function combiner, which is well known as a good PRF and MAC combiner, and is used in practice in TLS versions 1.0 and 1.1. In this work, we analyze the second preimage resistance of the XOR combiner underlying two different narrow-pipe hash functions with weak ideal compression functions. To control simultaneously the behavior of the two different hash functions, we develop a new structure called multicollision-and-double-diamond. Multicollision-and-double-diamond structure is constructed using the idea of meet-in-the-middle technique, combined with Joux’s multicollision and Chen’s inverse-diamond structure. Then based on the multicollision-and-double-diamond structure, we present a second preimage attack on the XOR hash combiner with the time complexity of about O((2n + 1)2n/2 + (n − l)2n−l + (n − k)2n−k + 2l+1 + 2k+1) (n is the size of the XOR hash combiner and l and k are respectively the depths of the two inverse-diamond structures), less than the ideal time complexity O(2n), and memory of about O(2k + 2l).
期刊介绍:
IET Information Security publishes original research papers in the following areas of information security and cryptography. Submitting authors should specify clearly in their covering statement the area into which their paper falls.
Scope:
Access Control and Database Security
Ad-Hoc Network Aspects
Anonymity and E-Voting
Authentication
Block Ciphers and Hash Functions
Blockchain, Bitcoin (Technical aspects only)
Broadcast Encryption and Traitor Tracing
Combinatorial Aspects
Covert Channels and Information Flow
Critical Infrastructures
Cryptanalysis
Dependability
Digital Rights Management
Digital Signature Schemes
Digital Steganography
Economic Aspects of Information Security
Elliptic Curve Cryptography and Number Theory
Embedded Systems Aspects
Embedded Systems Security and Forensics
Financial Cryptography
Firewall Security
Formal Methods and Security Verification
Human Aspects
Information Warfare and Survivability
Intrusion Detection
Java and XML Security
Key Distribution
Key Management
Malware
Multi-Party Computation and Threshold Cryptography
Peer-to-peer Security
PKIs
Public-Key and Hybrid Encryption
Quantum Cryptography
Risks of using Computers
Robust Networks
Secret Sharing
Secure Electronic Commerce
Software Obfuscation
Stream Ciphers
Trust Models
Watermarking and Fingerprinting
Special Issues. Current Call for Papers:
Security on Mobile and IoT devices - https://digital-library.theiet.org/files/IET_IFS_SMID_CFP.pdf
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
